| 1.109 OL08-00-010640 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.114 OL08-00-010672 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.119 OL08-00-010690 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.122 OL08-00-010720 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.131 OL08-00-010770 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.134 OL08-00-010830 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.194 OL08-00-020300 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.196 OL08-00-020320 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.197 OL08-00-020330 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.332 OL08-00-040170 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.333 OL08-00-040171 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.337 OL08-00-040200 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.340 OL08-00-040220 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.342 OL08-00-040239 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.347 OL08-00-040260 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.351 OL08-00-040279 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.354 OL08-00-040282 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.356 OL08-00-040284 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| AIOS-17-007400 - Apple iOS/iPadOS 17 allow list must be configured to not include applications with the following characteristics: - backs up MD data to non-DOD cloud servers (including user and application access to cloud backup services);- transmits MD diagnostic data to non-DOD servers;- allows synchronization of data or applications between devices associated with user; and- allows unencrypted (or encrypted but not FIPS 140-2/FIPS 140-3 validated) data sharing with other MDs or printers - allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-012400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-014700 - Apple iOS/iPadOS 17 must have DOD root and intermediate PKI certificates installed. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-707000 - Apple iOS/iPadOS 17 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-712300 - Apple iOS/iPadOS 17 must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-714700 - Apple iOS/iPadOS 17 must have DOD root and intermediate PKI certificates installed. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-999999 - All Apple iOS/iPadOS 17 installations must be removed. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| APPL-15-005110 - The macOS system must enforce enrollment in Mobile Device Management (MDM). | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005130 - The macOS system must enforce installation of XProtect Remediator and Gatekeeper updates automatically. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ARST-L2-000140 - The Arista MLS layer 2 Arista MLS switch must implement Rapid STP where VLANs span multiple switches with redundant links. | DISA STIG Arista MLS EOS 4.x L2S v2r3 | Arista | CONFIGURATION MANAGEMENT |
| ARST-L2-000160 - The Arista MLS layer 2 switch must have all trunk links enabled statically. | DISA STIG Arista MLS EOS 4.x L2S v2r3 | Arista | CONFIGURATION MANAGEMENT |
| ESXI-80-000214 - The ESXi host must configure the firewall to block network traffic by default. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000215 - The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000217 - The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| SLES-15-040010 - The SUSE operating system must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040030 - There must be no shosts.equiv files on the SUSE operating system. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040060 - The SUSE operating system must disable the x86 Ctrl-Alt-Delete key sequence. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040061 - The SUSE operating system must disable the x86 Ctrl-Alt-Delete key sequence for Graphical User Interfaces. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040070 - All SUSE operating system local interactive users must have a home directory assigned in the /etc/passwd file. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040080 - All SUSE operating system local interactive user home directories defined in the /etc/passwd file must exist. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040090 - All SUSE operating system local interactive user home directories must have mode 0750 or less permissive. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040150 - SUSE operating system file systems that are used with removable media must be mounted to prevent files with the setuid and setgid bit set from being executed. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040180 - All SUSE operating system world-writable directories must be group-owned by root, sys, bin, or an application group. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040220 - The SUSE operating system must be configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040290 - The SUSE operating system SSH daemon must disable forwarded remote X connections for interactive users, unless to fulfill documented and validated mission requirements. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040300 - The SUSE operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040320 - The SUSE operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets by default. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040440 - The SUSE operating system must not allow unattended or automatic logon via SSH. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| WN11-SO-000205 - The LanMan authentication level must be set to send NTLMv2 response only, and to refuse LM and NTLM. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000210 - The system must be configured to the required LDAP client signing level. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000220 - The system must be configured to meet the minimum session security requirement for NTLM SSP based servers. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000240 - The default permissions of global system objects must be increased. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
